Check from your settings if you have session.use_trans_sid set to on. If it's on, it will transfer sid in url. While you are at it, check the session.use_only_cookies. Set that to 1(=On) and session will use cookies only.

hello cahva.
I wonder if writing something like
php_value session.use_trans_sid 0
into my .htaccess file would be enough or
Would I need to write this string as well? php_value session.use_only_cookies 1
It is just that I tried by adding
php_value session.use_trans_sid 0
into my .htaccess file and it seems that the problem with the ?PHPSESSID=..... string is already solved. Now, if I am going to add something like
php_value session.use_only_cookies 1
I would like to know why you suggest that.
Thanks in advance

It's funny because I tested the site in my local installation after inserting
php_value session.use_trans_sid 0
into the .htaccess file and it did work as I expected, that is to say, making the ?PHP_SESSID=... string disappear. However, after uploading the modified file into the server, I
get this error:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

Do you have any suggestin to make it work in the server?
Thanks

Well, I wrote this to my hosting company:

"I just wanted to ask whether you have the mod_rewrite module enabled in Apache's httpd.conf file. It is just because I need to insert this line
php_value session.use_trans_sid 0
into the .htaccess file of my root folder in your server. I want to add this line to the .htaccess file in order to remove the annoying ?PHP_SESSID=.... from my URL because that dynamic part makes the site less friendly for search enginer. To make the site work by inserting this sentence into the .htaccess file and not getting an error through the browser I would appreciate if you could enable the mod_rewrite module in Apache's httpd.conf file.
Look forward to seeing your reply really soon.
Thanks in advance"

and they told me this:

"Hello,

Thank you for contacting our Technical Support Department.

I have contact our administrators for your question and I am afraid that you will be not able to use this directive on our servers."

Do you know if I have any other viable alternative to remove the ?PHPSESSID=... from the URL?
Thanks in advance

If you can't get your hosting company to change the config and don't want to move to another company, you could do it within the scripts via [man]ini_set/man before the call to session_start(). Perhaps put all that stuff into an include file that you can call with one require statement at the start of each file.

NogDog;10888458 wrote:

If you can't get your hosting company to change the config and don't want to move to another company, you could do it within the scripts via [man]ini_set/man before the call to session_start(). Perhaps put all that stuff into an include file that you can call with one require statement at the start of each file.

Hello NogDog
I already tried what you told me in your post. This is what I wrote in the header.php file I already had:

<?php
ini_set("session.use_only_cookies","1");
echo ini_get("session.use_only_cookies") . "= session.use_only_cookies after <br/>";
ini_set("session.use_trans_sid","0");
echo ini_get("session.use_trans_sid") . "= use_trans_sid after";
//from this point on, the header.php file continues as I had it before without changes.
session_start();
......

I have tested this on the server of my hosting company and I saw
thanks to the echo sentences that the session.use_trans_sid variable does not get its value changed to 0 but it is equal to 1 after the ini_set sentence. This is what I saw as a result of the echo sentences:
"1= session.use_only_cookies after
1= use_trans_sid after "

Nonetheless, when I tested this same code in my local server, the result was different, since this test make the session.use_trans_sid variable changed its value into 0 because of the ini_set sentence.
Should I now be thinking about moving to another company? Is there anyone who has some good idea to solve this issue without having to move to another hosting company?
Thanks a lot.

Well, at least, this code
<?php
ini_set("url_rewriter.tags","");
session_start();
...
removed the ?PHPSESSID=... string from my URL as I wanted.
Nonetheless, if you had some suggestion to change the url which ends in ?language=sp into a static url I would appreciate it because the code I wrote before for the .htaccess, that is to say:

# Enable mod_rewrite, start rewrite engine 
Options +FollowSymLinks 
RewriteEngine on 
# 
# Internally rewrite search engine friendly static URL to dynamic filepath and query 
RewriteRule ^language/([^/]+)/?$ /home.php?language=$1 [L] 
# 
# Externally redirect client requests for old dynamic URLs to equivalent new static URLs 
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /home\.php\?language=([^&]+)\ HTTP/ 
RewriteRule ^home\.php$ http://arreglaordenador.com/language/%1? [R=301,L] 

not only did not do the trick but it made the browser returned an error.
Thanks for all your help anyways.

Just wanted to say that changing these settings in .htaccess is not in module mod_rewrite, so it can be that the person you told your story is not very tech-minded person if he/she didnt tell you that. Ask them to change these settings straight in virtual host file if they wont let you use .htaccess file for that. It can also be that your site is running with fastcgi/fcgid and then its only natural that you cannot change those settings via .htaccess. If you are running in cgi, then just ask them to change php.ini setting for your user account.

If all these suggestons fail, its time to change your hosting provider

cahva;10888466 wrote:

Just wanted to say that changing these settings in .htaccess is not in module mod_rewrite, so it can be that the person you told your story is not very tech-minded person if he/she didnt tell you that. Ask them to change these settings straight in virtual host file if they wont let you use .htaccess file for that. It can also be that your site is running with fastcgi/fcgid and then its only natural that you cannot change those settings via .htaccess. If you are running in cgi, then just ask them to change php.ini setting for your user account.

If all these suggestons fail, its time to change your hosting provider

Hello cahva
I do not understand what you mean when you say this:

"Ask them to change these settings straight in virtual host file if they wont let you use .htaccess file for that"

Actually I cannot use the .htaccess file from my hosting company for inserting a line like
php_value session.use_trans_sid because then the browser returns an error.
Nonetheless, what I wanted to ask you is: What virtual host file do you mean?
As for changing the string ?language=sp into a static url I have not found a solution yet.
Thanks in advance

hello again
Ok, I found this tool
http://www.akamarketing.com/mod-rewrite-tool.php which seems pretty cool. Nevertheless, it seems that I should have the mod_rewrite enabled in my hosting company. and they do not want to turn it on. Does any of you have any suggestion?

Anyways, I have tried this code in my local server and it returns an error 500 in my browser with any of these two codes for the .htacess file:

Options +FollowSymLinks
RewriteEngine on
RewriteRule home-language-(.*).htm$ home.php?language=$1
for
Single Page URL
Generated URL: http://www.arreglaordenador.com/home-language-sp.htm

or

Options +FollowSymLinks
RewriteEngine on
RewriteRule home/language/(.) home.php?language=$1
RewriteRule home/language/(.)/ home.php?language=$1
for
Directory Type URL

Generated URL: http://www.arreglaordenador.com/home/language/sp/
Suggestions are appreciated.
Thanks in advance

What I mean by virtual host is that if your domain is on a shared server and uses apache and each domain in that server are separated from each other in their own virtual host directives. In these virtual host's, your host can change settings invidually without changing the other domains settings on that server. So your host will only have to add couple of lines to your vhost:

php_value session.use_trans_sid 0
php_value session.use_only_cookies 1

It is quite strange that you cannot set those with ini_set unless they have set those settings with php_admin_value, which will mean that you cannot change them afterwards in any way. Those session settings are harmless(as a matter of fact they are more secure) and even default php.ini has those 2 settings configured by default the way you are just trying to have them.

BTW, it just came to my mind. Check your error log(hope you atleast can access these?). It can be that mod_rewrite is enabled but Options +FollowSymLinks is not allowed.

If they even dont give you access to mod_rewrite which is very handy to have, I would change host as soon as I could.

Just a side note: for boolean PHP settings, you should use the "php_flag" directive instead of "php_value".

Why? For the sake that php_flag is used for boolean? I dont think theres any security flaw etc. if you use php_value and php_admin_value.. or atleast I havent heard about it

cahva;10888478 wrote:

Why? For the sake that php_flag is used for boolean? I dont think theres any security flaw etc. if you use php_value and php_admin_value.. or atleast I havent heard about it

Well, according to the PHP.net on-line manual:
[indent]Note: Don't use php_value to set boolean values. php_flag (see below) should be used instead.[/indent]
It does not, unfortunately, say anything as to why, or what the consequences might be if you do not.

cahva;10888474 wrote:

What I mean by virtual host is that if your domain is on a shared server and uses apache and each domain in that server are separated from each other in their own virtual host directives. In these virtual host's, your host can change settings invidually without changing the other domains settings on that server. So your host will only have to add couple of lines to your vhost:

php_value session.use_trans_sid 0
php_value session.use_only_cookies 1

It is quite strange that you cannot set those with ini_set unless they have set those settings with php_admin_value, which will mean that you cannot change them afterwards in any way. Those session settings are harmless(as a matter of fact they are more secure) and even default php.ini has those 2 settings configured by default the way you are just trying to have them.

BTW, it just came to my mind. Check your error log(hope you atleast can access these?). It can be that mod_rewrite is enabled but Options +FollowSymLinks is not allowed.

If they even dont give you access to mod_rewrite which is very handy to have, I would change host as soon as I could.

As for this code

php_value session.use_trans_sid 0
php_value session.use_only_cookies 1

My question was what file you meant. I guess you meant the .htaccess that I have on my virtual host in the hosting company. Actually I added the two lines of code you just told me to this .htaccess file but it did not make any difference. I still see the dynamic strring ?language=en or ?language=sp in the url.

As for the ini_set is concerned, well, sorry, it might be the long time I am spending on this but I now tested it again and it seems that the hosting server behaves as expected by changing the value of the variable session.use_trans_sid to 0 as implied by the following php code:

ini_set('session.use_trans_sid', 0);
echo ini_get("session.use_trans_sid") . "= use_trans_sid after";

After cleaning the cache of my browser as always and testing this code in the hosting server, the output from the echo sentence returned
0= use_trans_sid after
that is to say, that the change in the value of the variable was successful.

As for checking the log in my server I would like how I can do that. Another thing is I asked my hosting company to confirm me if they did not have mod_rewrite enabled and I just received an email from another employee different from the other time. This one told me in this email that the mod_rewrite is enabled. So, how can I check if Options +FollowSymLinks is allowed?
Thanks in advance

NogDog;10888475 wrote:

Just a side note: for boolean PHP settings, you should use the "php_flag" directive instead of "php_value".

The thing is that I think I already got the part of the ?PHPSESSID= working by placing this php code in my header.php file:
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
ini_set('session.use_trans_sid', 0);
ini_set('url_rewriter.tags', '');
Nonetheless I appreciate that suggestion because I did not understand very well the difference as for php_flag and php_value. I guess you can use either of them like this:

php_flag session.use_trans_sid 0
php_flag session.use_only_cookies 1

php_value session.use_trans_sid false
php_value session.use_only_cookies true
Please, correct me if I am wrong.
Anyways, the part that still does not work is the part of replacing the string ?language=sp with a static string.
Thanks

cahva;10888474 wrote:

BTW, it just came to my mind. Check your error log(hope you atleast can access these?). It can be that mod_rewrite is enabled but Options +FollowSymLinks is not allowed.

Hello again
Since some employee from the hosting company confirmed this second time I asked that they indeed currently have the mod_rewrite enabled I decided to check if the sentence
Options +FollowSymLinks was causing the internal server error I get because of my .htaccess file.
I have tested with different variations for this .htaccess file but neither of them work. Moreover, I came to the conclusion that this instruction that you "cahva" mentioned in your post is the one causing the Internal Server error that I am getting when I browse the site hosted in the server from the host.
Thanks in advance for your suggestions.

thosecars82;10888490 wrote:

Hello again
Since some employee from the hosting company confirmed this second time I asked that they indeed currently have the mod_rewrite enabled I decided to check if the sentence
Options +FollowSymLinks was causing the internal server error I get because of my .htaccess file.
I have tested with different variations for this .htaccess file but neither of them work. Moreover, I came to the conclusion that this instruction that you "cahva" mentioned in your post is the one causing the Internal Server error that I am getting when I browse the site hosted in the server from the host.
Thanks in advance for your suggestions.

Thanks
I eventually kind of solved by using a .htaccess file like this:
RewriteEngine on
RewriteRule ^{home/language/(.)} home.php?language=$1
RewriteRule ^{home/language/(.})/ home.php?language=$1
RewriteRule ^home home.php
RewriteRule ^home/ home.php

The only problem now is with reference to two flash objects on the page shown right after entering into the site. This two (title and animation) objects are not displayed if the language is changed in safari or firefox. The only exception would be ie6 in which both animations are still played even when the language is changed.
I am trying to fix this now.
Thannks